Support for capturing on, and reading captures from, OpenBSD firewall
logging virtual interface, from Mike Frantzen. svn path=/trunk/; revision=4616
parent
d76a4172a6
commit
c873f79156
5
AUTHORS
5
AUTHORS
|
@ -1014,6 +1014,11 @@ Ricardo Barroetave
|
|||
Alan Harrison <alanharrison[AT]mail.com> {
|
||||
Fixes to EtherPeek file reader code
|
||||
}
|
||||
|
||||
Mike Frantzen <frantzen[AT]w4g.org> {
|
||||
Support for capturing on, and reading captures from, OpenBSD
|
||||
firewall logging virtual interface
|
||||
}
|
||||
|
||||
Alain Magloire <alainm[AT]rcsm.ece.mcgill.ca> was kind enough to
|
||||
give his permission to use his version of snprintf.c.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# Makefile.am
|
||||
# Automake file for Ethereal
|
||||
#
|
||||
# $Id: Makefile.am,v 1.405 2002/01/20 23:05:22 gerald Exp $
|
||||
# $Id: Makefile.am,v 1.406 2002/01/29 08:44:45 guy Exp $
|
||||
#
|
||||
# Ethereal - Network traffic analyzer
|
||||
# By Gerald Combs <gerald@ethereal.com>
|
||||
|
@ -208,6 +208,7 @@ DISSECTOR_SRC = \
|
|||
packet-osi-options.c \
|
||||
packet-ospf.c \
|
||||
packet-pcnfsd.c \
|
||||
packet-pflog.c \
|
||||
packet-pgm.c \
|
||||
packet-pim.c \
|
||||
packet-pop.c \
|
||||
|
@ -394,6 +395,7 @@ noinst_HEADERS = \
|
|||
packet-osi.h \
|
||||
packet-osi-options.h \
|
||||
packet-pcnfsd.h \
|
||||
packet-pflog.h \
|
||||
packet-pgm.h \
|
||||
packet-pim.h \
|
||||
packet-portmap.h \
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
## Makefile for building ethereal.exe with Microsoft C and nmake
|
||||
## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake
|
||||
#
|
||||
# $Id: Makefile.nmake,v 1.165 2002/01/21 10:21:57 guy Exp $
|
||||
# $Id: Makefile.nmake,v 1.166 2002/01/29 08:44:46 guy Exp $
|
||||
|
||||
include config.nmake
|
||||
include <win32.mak>
|
||||
|
@ -159,6 +159,7 @@ DISSECTOR_SRC = \
|
|||
packet-osi-options.c \
|
||||
packet-ospf.c \
|
||||
packet-pcnfsd.c \
|
||||
packet-pflog.c \
|
||||
packet-pgm.c \
|
||||
packet-pim.c \
|
||||
packet-pop.c \
|
||||
|
|
|
@ -1358,6 +1358,7 @@ B<http://www.ethereal.com>.
|
|||
Jirka Novak <j.novak[AT]netsystem.cz>
|
||||
Ricardo Barroetaveña <rbarroetavena[AT]veufort.com>
|
||||
Alan Harrison <alanharrison[AT]mail.com>
|
||||
Mike Frantzen <frantzen[AT]w4g.org>
|
||||
|
||||
Alain Magloire <alainm[AT]rcsm.ece.mcgill.ca> was kind enough to give his
|
||||
permission to use his version of snprintf.c.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* column-utils.c
|
||||
* Routines for column utilities.
|
||||
*
|
||||
* $Id: column-utils.c,v 1.10 2002/01/11 08:21:00 guy Exp $
|
||||
* $Id: column-utils.c,v 1.11 2002/01/29 08:44:49 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
@ -154,6 +154,7 @@ col_add_fstr(column_info *cinfo, gint el, gchar *format, ...) {
|
|||
cinfo->col_data[i] = cinfo->col_buf[i];
|
||||
}
|
||||
}
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
/* Appends a vararg list to a packet info string. */
|
||||
|
@ -182,6 +183,45 @@ col_append_fstr(column_info *cinfo, gint el, gchar *format, ...) {
|
|||
cinfo->col_data[i] = cinfo->col_buf[i];
|
||||
}
|
||||
}
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
/* Prepends a vararg list to a packet info string. */
|
||||
void
|
||||
col_prepend_fstr(column_info *cinfo, gint el, gchar *format, ...)
|
||||
{
|
||||
va_list ap;
|
||||
int i, safe_orig = FALSE;
|
||||
char *orig = NULL;
|
||||
size_t max_len;
|
||||
|
||||
if (el == COL_INFO)
|
||||
max_len = COL_MAX_INFO_LEN;
|
||||
else
|
||||
max_len = COL_MAX_LEN;
|
||||
|
||||
va_start(ap, format);
|
||||
for (i = 0; i < cinfo->num_cols; i++) {
|
||||
if (cinfo->fmt_matx[i][el]) {
|
||||
if (cinfo->col_data[i] != cinfo->col_buf[i]) {
|
||||
/* This was set with "col_set_str()"; which is effectively const */
|
||||
orig = cinfo->col_data[i];
|
||||
} else {
|
||||
/* Need to cache the original string */
|
||||
if (!safe_orig) {
|
||||
orig = alloca(max_len);
|
||||
safe_orig = TRUE;
|
||||
}
|
||||
strncpy(orig, cinfo->col_buf[i], max_len);
|
||||
orig[max_len - 1] = '\0';
|
||||
}
|
||||
vsnprintf(cinfo->col_buf[i], max_len, format, ap);
|
||||
strncat(cinfo->col_buf[i], orig, max_len);
|
||||
cinfo->col_buf[i][max_len - 1] = '\0';
|
||||
cinfo->col_data[i] = cinfo->col_buf[i];
|
||||
}
|
||||
}
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
/* Use this if "str" points to something that won't stay around (and
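Review bot: In col_prepend_fstr the call `strncat(cinfo->col_buf[i], orig, max_len);` treats the third argument as the total buffer size, but strncat takes it as the maximum number of bytes to append. After vsnprintf has already written up to max_len - 1 bytes, this can write well past the end of col_buf[i] if that buffer is max_len bytes, as the vsnprintf bound implies. The terminator stored on the following line comes too late to help; bound the append by the space left instead, `strncat(cinfo->col_buf[i], orig, max_len - strlen(cinfo->col_buf[i]) - 1);`. Column text is built from packet contents, so the length is attacker-influenced. Separately, `ap` is passed to vsnprintf once per matching column without being re-initialised, which is undefined once more than one column matches; moving `va_start`/`va_end` inside the `if (cinfo->fmt_matx[i][el])` body avoids that.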
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* column-utils.h
|
||||
* Definitions for column utility structures and routines
|
||||
*
|
||||
* $Id: column-utils.h,v 1.5 2001/12/10 00:26:16 guy Exp $
|
||||
* $Id: column-utils.h,v 1.6 2002/01/29 08:44:49 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
@ -48,9 +48,12 @@ extern void col_add_fstr(column_info *, gint, gchar *, ...)
|
|||
__attribute__((format (printf, 3, 4)));
|
||||
extern void col_append_fstr(column_info *, gint, gchar *, ...)
|
||||
__attribute__((format (printf, 3, 4)));
|
||||
extern void col_prepend_fstr(column_info *, gint, gchar *, ...)
|
||||
__attribute__((format (printf, 3, 4)));
|
||||
#else
|
||||
extern void col_add_fstr(column_info *, gint, gchar *, ...);
|
||||
extern void col_append_fstr(column_info *, gint, gchar *, ...);
|
||||
extern void col_prepend_fstr(column_info *, gint, gchar *, ...);
|
||||
#endif
|
||||
extern void col_add_str(column_info *, gint, const gchar *);
|
||||
extern void col_append_str(column_info *, gint, gchar *);
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* plugins.c
|
||||
* plugin routines
|
||||
*
|
||||
* $Id: plugins.c,v 1.45 2002/01/05 04:12:16 gram Exp $
|
||||
* $Id: plugins.c,v 1.46 2002/01/29 08:44:49 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@ethereal.com>
|
||||
|
@ -288,6 +288,7 @@ init_plugins(const char *plugin_dir)
|
|||
patable.p_col_clear = col_clear;
|
||||
patable.p_col_add_fstr = col_add_fstr;
|
||||
patable.p_col_append_fstr = col_append_fstr;
|
||||
patable.p_col_prepend_fstr = col_prepend_fstr;
|
||||
patable.p_col_add_str = col_add_str;
|
||||
patable.p_col_append_str = col_append_str;
|
||||
patable.p_col_set_str = col_set_str;
|
||||
|
|
|
@ -0,0 +1,212 @@
|
|||
/* packet-pflog.c
|
||||
* Routines for pflog (OpenBSD Firewall Logging) packet disassembly
|
||||
*
|
||||
* $Id: packet-pflog.c,v 1.1 2002/01/29 08:44:46 guy Exp $
|
||||
*
|
||||
* Copyright 2001 Mike Frantzen
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* - Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
||||
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
||||
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
|
||||
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
# include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SYS_TYPES_H
|
||||
# include <sys/types.h>
|
||||
#endif
|
||||
|
||||
#include <glib.h>
|
||||
#include <epan/packet.h>
|
||||
#include "etypes.h"
|
||||
#include <epan/resolv.h>
|
||||
#include "packet-ip.h"
|
||||
#include "packet-ipv6.h"
|
||||
#include "packet-pflog.h"
|
||||
|
||||
#ifndef offsetof
|
||||
/* Can't trust stddef.h to be there for us */
|
||||
# define offsetof(type, member) ((size_t)(&((type *)0)->member))
|
||||
#endif
|
||||
|
||||
static dissector_handle_t data_handle, ip_handle, ipv6_handle, pflog_handle;
|
||||
|
||||
/* header fields */
|
||||
static int proto_pflog = -1;
|
||||
static int hf_pflog_af = -1;
|
||||
static int hf_pflog_ifname = -1;
|
||||
static int hf_pflog_rnr = -1;
|
||||
static int hf_pflog_reason = -1;
|
||||
static int hf_pflog_action = -1;
|
||||
static int hf_pflog_dir = -1;
|
||||
|
||||
static gint ett_pflog = -1;
|
||||
|
||||
static char *pf_reasons[PFRES_MAX+2] = PFRES_NAMES;
|
||||
|
||||
|
||||
void
|
||||
capture_pflog(const u_char *pd, int offset, int len, packet_counts *ld)
|
||||
{
|
||||
struct pfloghdr pflogh;
|
||||
|
||||
if (!BYTES_ARE_IN_FRAME(offset, len, (int)PFLOG_HDRLEN)) {
|
||||
ld->other++;
|
||||
return;
|
||||
}
|
||||
|
||||
offset += PFLOG_HDRLEN;
|
||||
|
||||
/* Copy out the pflog header to insure alignment */
|
||||
memcpy(&pflogh, pd, sizeof(pflogh));
|
||||
NTOHL(pflogh.af);
|
||||
|
||||
if (pflogh.af == BSD_PF_INET)
|
||||
capture_ip(pd, offset, len, ld);
|
||||
#ifdef notyet
|
||||
else if (pflogh.af == BSD_PF_INET6)
|
||||
capture_ipv6(pd, offset, len, ld);
|
||||
#endif
|
||||
else
|
||||
ld->other++;
|
||||
}
|
||||
|
||||
static void
|
||||
dissect_pflog(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
|
||||
{
|
||||
struct pfloghdr pflogh;
|
||||
tvbuff_t *next_tvb;
|
||||
proto_tree *pflog_tree;
|
||||
proto_item *ti, *tf;
|
||||
char *why;
|
||||
|
||||
if (check_col(pinfo->cinfo, COL_PROTOCOL))
|
||||
col_set_str(pinfo->cinfo, COL_PROTOCOL, "pflog");
|
||||
|
||||
/* Copy out the pflog header to insure alignment */
|
||||
tvb_memcpy(tvb, (guint8 *)&pflogh, 0, sizeof(pflogh));
|
||||
|
||||
/* Byteswap the header now */
|
||||
NTOHL(pflogh.af);
|
||||
NTOHS(pflogh.rnr);
|
||||
NTOHS(pflogh.reason);
|
||||
NTOHS(pflogh.action);
|
||||
NTOHS(pflogh.dir);
|
||||
|
||||
why = (pflogh.reason < PFRES_MAX) ? pf_reasons[pflogh.reason] : "unkn";
|
||||
|
||||
if (tree) {
|
||||
ti = proto_tree_add_protocol_format(tree, proto_pflog, tvb, 0,
|
||||
PFLOG_HDRLEN,
|
||||
"PF Log %s %s on %s by rule %d", pflogh.af == BSD_PF_INET ? "IPv4" :
|
||||
pflogh.af == BSD_PF_INET6 ? "IPv6" : "unkn",
|
||||
pflogh.action == PF_PASS ? "passed" :
|
||||
pflogh.action == PF_DROP ? "dropped" :
|
||||
pflogh.action == PF_SCRUB ? "scrubbed" : "unkn",
|
||||
pflogh.ifname,
|
||||
pflogh.rnr);
|
||||
pflog_tree = proto_item_add_subtree(ti, ett_pflog);
|
||||
|
||||
tf = proto_tree_add_uint_format(pflog_tree, hf_pflog_rnr, tvb,
|
||||
offsetof(struct pfloghdr, rnr), sizeof(pflogh.rnr),
|
||||
pflogh.rnr, "Rule Number: %d", pflogh.rnr);
|
||||
tf = proto_tree_add_string(pflog_tree, hf_pflog_ifname, tvb,
|
||||
offsetof(struct pfloghdr, reason), sizeof(pflogh.reason),
|
||||
pflogh.ifname);
|
||||
tf = proto_tree_add_string(pflog_tree, hf_pflog_reason, tvb,
|
||||
offsetof(struct pfloghdr, reason), sizeof(pflogh.reason),
|
||||
why);
|
||||
tf = proto_tree_add_string(pflog_tree, hf_pflog_action, tvb,
|
||||
offsetof(struct pfloghdr, action), sizeof(pflogh.action),
|
||||
pflogh.action == PF_PASS ? "pass" :
|
||||
pflogh.action == PF_DROP ? "drop" :
|
||||
pflogh.action == PF_SCRUB ? "scrub" : "unkn");
|
||||
tf = proto_tree_add_string(pflog_tree, hf_pflog_dir, tvb,
|
||||
offsetof(struct pfloghdr, dir), sizeof(pflogh.dir),
|
||||
pflogh.dir == PF_IN ? "in" : "out");
|
||||
}
|
||||
|
||||
/* Set the tvbuff for the payload after the header */
|
||||
next_tvb = tvb_new_subset(tvb, PFLOG_HDRLEN, -1, -1);
|
||||
|
||||
pinfo->ethertype = (hf_pflog_af == BSD_PF_INET) ? ETHERTYPE_IP : ETHERTYPE_IPv6;
|
||||
if (pflogh.af == BSD_PF_INET)
|
||||
call_dissector(ip_handle, next_tvb, pinfo, tree);
|
||||
else if (pflogh.af == BSD_PF_INET6)
|
||||
call_dissector(ipv6_handle, next_tvb, pinfo, tree);
|
||||
else
|
||||
call_dissector(data_handle, next_tvb, pinfo, tree);
|
||||
|
||||
if (check_col(pinfo->cinfo, COL_INFO)) {
|
||||
col_prepend_fstr(pinfo->cinfo, COL_INFO, "[%s %s/#%d] ",
|
||||
pflogh.action == PF_PASS ? "passed" :
|
||||
pflogh.action == PF_DROP ? "dropped" :
|
||||
pflogh.action == PF_SCRUB ? "scrubbed" : "unkn",
|
||||
pflogh.ifname,
|
||||
pflogh.rnr);
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
proto_register_pflog(void)
|
||||
{
|
||||
static hf_register_info hf[] = {
|
||||
{ &hf_pflog_af,
|
||||
{ "Address Family", "pflog.af", FT_UINT32, BASE_DEC, NULL, 0x0,
|
||||
"Protocol (IPv4 vs IPv6)", HFILL }},
|
||||
{ &hf_pflog_ifname,
|
||||
{ "Interface", "pflog.ifname", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"Interface", HFILL }},
|
||||
{ &hf_pflog_rnr,
|
||||
{ "Rule Number", "pflog.rnr", FT_UINT16, BASE_DEC, NULL, 0x0,
|
||||
"Last matched firewall rule number", HFILL }},
|
||||
{ &hf_pflog_reason,
|
||||
{ "Reason", "pflog.reason", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"Reason for logging the packet", HFILL }},
|
||||
{ &hf_pflog_action,
|
||||
{ "Action", "pflog.action", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"Action taken by PF on the packet", HFILL }},
|
||||
{ &hf_pflog_dir,
|
||||
{ "Direction", "pflog.dir", FT_STRING, BASE_NONE, NULL, 0x0,
|
||||
"Direction of packet in stack (inbound versus outbound)", HFILL }},
|
||||
};
|
||||
static gint *ett[] = { &ett_pflog };
|
||||
|
||||
proto_pflog = proto_register_protocol("pflog", "pflog", "pflog");
|
||||
proto_register_field_array(proto_pflog, hf, array_length(hf));
|
||||
proto_register_subtree_array(ett, array_length(ett));
|
||||
|
||||
register_dissector("pflog", dissect_pflog, proto_pflog);
|
||||
}
|
||||
|
||||
void
|
||||
proto_reg_handoff_pflog(void)
|
||||
{
|
||||
dissector_handle_t pflog_handle;
|
||||
|
||||
pflog_handle = find_dissector("pflog");
|
||||
ip_handle = find_dissector("ip");
|
||||
ipv6_handle = find_dissector("ipv6");
|
||||
data_handle = find_dissector("data");
|
||||
dissector_add("wtap_encap", WTAP_ENCAP_PFLOG, pflog_handle);
|
||||
}
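Review bot: In dissect_pflog, `pflogh.ifname` is filled directly from the capture by `tvb_memcpy` and then passed to `%s` in proto_tree_add_protocol_format and col_prepend_fstr, and as the string value to proto_tree_add_string, with nothing ensuring the 16 bytes contain a NUL. A crafted record makes those calls read past the field. Adding `pflogh.ifname[sizeof(pflogh.ifname) - 1] = '\0';` right after the copy bounds it. The ethertype assignment also tests `hf_pflog_af`, the field registration id, where `pflogh.af` is meant, so it selects ETHERTYPE_IPv6 regardless of the packet. The interface item is added with `offsetof(struct pfloghdr, reason), sizeof(pflogh.reason)` and so highlights the wrong bytes; it should use `ifname` for both.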
|
|
@ -0,0 +1,83 @@
|
|||
/* packet-pflog.h
|
||||
*
|
||||
* $Id: packet-pflog.h,v 1.1 2002/01/29 08:44:46 guy Exp $
|
||||
*
|
||||
* Copyright 2001 Mike Frantzen
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* - Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
||||
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||||
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
||||
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
|
||||
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifndef __PACKET_PFLOG_H__
|
||||
#define __PACKET_PFLOG_H__
|
||||
|
||||
/* The header in OpenBSD pflog files. */
|
||||
|
||||
struct pfloghdr {
|
||||
guint32 af;
|
||||
char ifname[16];
|
||||
gint16 rnr;
|
||||
guint16 reason;
|
||||
guint16 action;
|
||||
guint16 dir;
|
||||
};
|
||||
#define PFLOG_HDRLEN sizeof(struct pfloghdr)
|
||||
|
||||
/* Named reasons */
|
||||
#define PFRES_NAMES { \
|
||||
"match", \
|
||||
"bad-offset", \
|
||||
"fragment", \
|
||||
"short", \
|
||||
"normalize", \
|
||||
"memory", \
|
||||
NULL \
|
||||
}
|
||||
#define PFRES_MAX 6
|
||||
|
||||
/* Actions */
|
||||
#define PF_PASS 0
|
||||
#define PF_DROP 1
|
||||
#define PF_SCRUB 2
|
||||
|
||||
/* Directions */
|
||||
#define PF_IN 0
|
||||
#define PF_OUT 1
|
||||
|
||||
/* BSDisms */
|
||||
#ifndef NTOHL
|
||||
# define NTOHL(x) x = ntohl(x)
|
||||
#endif
|
||||
#ifndef NTOHS
|
||||
# define NTONS(x) x = ntohs(x)
|
||||
#endif
|
||||
#ifndef HTONL
|
||||
# define HTONL(x) x = htonl(x)
|
||||
#endif
|
||||
#ifndef HTONS
|
||||
# define HTONS(x) x = htons(x)
|
||||
#endif
|
||||
|
||||
# define BSD_PF_INET 2
|
||||
# define BSD_PF_INET6 24
|
||||
|
||||
#endif /* __PACKET_PFLOG_H__ */
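Review bot: The `#ifndef NTOHS` guard defines `NTONS` rather than `NTOHS`, so on a platform whose system headers do not already provide NTOHS the `NTOHS(...)` calls in packet-pflog.c have no macro to expand to; the line should read `# define NTOHS(x) x = ntohs(x)`. The header also includes nothing that declares ntohl/ntohs, so it depends on the includer having pulled that in first, which deserves a comment or an include here. `PFLOG_HDRLEN` is `sizeof(struct pfloghdr)` and is used as the on-the-wire header length, which only holds while the compiler adds no padding; a comment such as `/* on-wire layout: 28 bytes, must not be padded */` next to the struct would record that assumption.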
|
|
@ -1,7 +1,7 @@
|
|||
/* plugin_api.c
|
||||
* Routines for Ethereal plugins.
|
||||
*
|
||||
* $Id: plugin_api.c,v 1.33 2002/01/05 04:12:17 gram Exp $
|
||||
* $Id: plugin_api.c,v 1.34 2002/01/29 08:44:51 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* Copyright 2000 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -38,6 +38,7 @@ plugin_address_table_init(plugin_address_table_t *pat)
|
|||
p_col_clear = pat->p_col_clear;
|
||||
p_col_add_fstr = pat->p_col_add_fstr;
|
||||
p_col_append_fstr = pat->p_col_append_fstr;
|
||||
p_col_prepend_fstr = pat->p_col_prepend_fstr;
|
||||
p_col_add_str = pat->p_col_add_str;
|
||||
p_col_append_str = pat->p_col_append_str;
|
||||
p_col_set_str = pat->p_col_set_str;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* plugin_api.h
|
||||
* Routines for Ethereal plugins.
|
||||
*
|
||||
* $Id: plugin_api.h,v 1.34 2002/01/21 07:37:45 guy Exp $
|
||||
* $Id: plugin_api.h,v 1.35 2002/01/29 08:44:51 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* Copyright 2000 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -38,6 +38,7 @@
|
|||
#define col_clear (*p_col_clear)
|
||||
#define col_add_fstr (*p_col_add_fstr)
|
||||
#define col_append_fstr (*p_col_append_fstr)
|
||||
#define col_prepend_fstr (*p_col_prepend_fstr)
|
||||
#define col_add_str (*p_col_add_str)
|
||||
#define col_append_str (*p_col_append_str)
|
||||
#define col_set_str (*p_col_set_str)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* plugin_api_defs.h
|
||||
* Define the variables that hold pointers to plugin API functions
|
||||
*
|
||||
* $Id: plugin_api_defs.h,v 1.9 2002/01/05 04:12:17 gram Exp $
|
||||
* $Id: plugin_api_defs.h,v 1.10 2002/01/29 08:44:51 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* Copyright 2000 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -27,6 +27,7 @@ addr_check_col p_check_col;
|
|||
addr_col_clear p_col_clear;
|
||||
addr_col_add_fstr p_col_add_fstr;
|
||||
addr_col_append_fstr p_col_append_fstr;
|
||||
addr_col_prepend_fstr p_col_prepend_fstr;
|
||||
addr_col_add_str p_col_add_str;
|
||||
addr_col_append_str p_col_append_str;
|
||||
addr_col_set_str p_col_set_str;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* plugin_table.h
|
||||
* Table of exported addresses for Ethereal plugins.
|
||||
*
|
||||
* $Id: plugin_table.h,v 1.36 2002/01/05 04:12:17 gram Exp $
|
||||
* $Id: plugin_table.h,v 1.37 2002/01/29 08:44:51 guy Exp $
|
||||
*
|
||||
* Ethereal - Network traffic analyzer
|
||||
* Copyright 2000 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -32,6 +32,7 @@ typedef gint (*addr_check_col)(column_info*, gint);
|
|||
typedef void (*addr_col_clear)(column_info*, gint);
|
||||
typedef void (*addr_col_add_fstr)(column_info*, gint, gchar*, ...);
|
||||
typedef void (*addr_col_append_fstr)(column_info*, gint, gchar*, ...);
|
||||
typedef void (*addr_col_prepend_fstr)(column_info*, gint, gchar*, ...);
|
||||
typedef void (*addr_col_add_str)(column_info*, gint, const gchar*);
|
||||
typedef void (*addr_col_append_str)(column_info*, gint, gchar*);
|
||||
typedef void (*addr_col_set_str)(column_info*, gint, gchar*);
|
||||
|
@ -215,6 +216,7 @@ typedef struct {
|
|||
addr_col_clear p_col_clear;
|
||||
addr_col_add_fstr p_col_add_fstr;
|
||||
addr_col_append_fstr p_col_append_fstr;
|
||||
addr_col_prepend_fstr p_col_prepend_fstr;
|
||||
addr_col_add_str p_col_add_str;
|
||||
addr_col_append_str p_col_append_str;
|
||||
addr_col_set_str p_col_set_str;
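Review bot: `p_col_prepend_fstr` is inserted in the middle of the plugin address table struct in the second hunk, which shifts the offset of every member after it, so a plugin binary built against the previous layout would read the wrong function pointers from the table. Nothing in the visible hunks bumps a plugin API version or rejects older plugins. Either append the new member at the end of the struct or confirm that a version check elsewhere covers this. The struct begins and ends outside the hunk.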
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* libpcap.c
|
||||
*
|
||||
* $Id: libpcap.c,v 1.62 2001/12/04 07:32:05 guy Exp $
|
||||
* $Id: libpcap.c,v 1.63 2002/01/29 08:44:53 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -230,7 +230,12 @@ static const struct {
|
|||
/*
|
||||
* 17 is DLT_LANE8023 in SuSE 6.3 libpcap; we don't currently
|
||||
* handle it.
|
||||
* It is also used as the PF (Packet Filter) logging format beginning
|
||||
* with OpenBSD 3.0.
|
||||
*/
|
||||
#if defined(DLT_PFLOG) && (DLT_PFLOG == 17)
|
||||
{ 17, WTAP_ENCAP_PFLOG },
|
||||
#endif
|
||||
|
||||
/*
|
||||
* 18 is DLT_CIP in SuSE 6.3 libpcap; if it's the same as the
|
||||
|
@ -366,6 +371,13 @@ static const struct {
|
|||
|
||||
{ 114, WTAP_ENCAP_LOCALTALK }, /* Localtalk */
|
||||
|
||||
/*
|
||||
* The tcpdump.org version of libpcap uses 117, rather than 17,
|
||||
* for OpenBSD packet filter logging, so as to avoid conflicting
|
||||
* with DLT_LANE8023 in SuSE 6.3 libpcap.
|
||||
*/
|
||||
{ 117, WTAP_ENCAP_PFLOG },
|
||||
|
||||
{ 118, WTAP_ENCAP_CISCO_IOS },
|
||||
{ 119, WTAP_ENCAP_PRISM_HEADER }, /* Prism monitor mode hdr */
|
||||
};
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* wtap.c
|
||||
*
|
||||
* $Id: wtap.c,v 1.58 2001/11/30 07:14:22 guy Exp $
|
||||
* $Id: wtap.c,v 1.59 2002/01/29 08:44:53 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -133,6 +133,9 @@ static const struct encap_type_info {
|
|||
|
||||
/* WTAP_ENCAP_PRISM_HEADER */
|
||||
{ "IEEE 802.11 plus Prism II monitor mode header", "prism" },
|
||||
|
||||
/* WTAP_ENCAP_PFLOG */
|
||||
{ "OpenBSD PF Firewall logs", "pflog" },
|
||||
};
|
||||
|
||||
/* Name that should be somewhat descriptive. */
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* wtap.h
|
||||
*
|
||||
* $Id: wtap.h,v 1.101 2002/01/23 06:32:52 guy Exp $
|
||||
* $Id: wtap.h,v 1.102 2002/01/29 08:44:53 guy Exp $
|
||||
*
|
||||
* Wiretap Library
|
||||
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
@ -101,9 +101,10 @@
|
|||
#define WTAP_ENCAP_CISCO_IOS 22
|
||||
#define WTAP_ENCAP_LOCALTALK 23
|
||||
#define WTAP_ENCAP_PRISM_HEADER 24
|
||||
#define WTAP_ENCAP_PFLOG 25
|
||||
|
||||
/* last WTAP_ENCAP_ value + 1 */
|
||||
#define WTAP_NUM_ENCAP_TYPES 25
|
||||
#define WTAP_NUM_ENCAP_TYPES 26
|
||||
|
||||
/* File types that can be read by wiretap.
|
||||
We support writing some many of these file types, too, so we
|
||||
|
|